U.S. Cyber Command – Page 4

Michael Sulmeyer, who held cyber posts under Trump and Obama, gets Biden White House gig

Posted on January 19, 2021 by Tim Starks

Michael Sulmeyer, a senior adviser to National Security Agency and U.S. Cyber Command leader Gen. Paul Nakasone, will take the position of senior director for cyber in the Biden White House. Sulmeyer’s selection came with no formal announcement. Instead, the transition website posted his position Monday evening. Sulmeyer is a cybersecurity veteran with broad experience, one of many to join the Biden administration. He’s also one of several whose tenures have included roles in the Trump administration. Beyond serving under Nakasone, he also served in the Obama administration at the Defense Department, where he was director for plans and operations for cyber policy. Between roles in the Trump and Obama administrations, he was director of the Belfer Center’s Cyber Security Project at the Harvard Kennedy School. He also wrote extensively for Lawfare on subjects like election security, federal cybersecurity strategy and DOD-related cybersecurity issues. In the past, the National Security […]

The post Michael Sulmeyer, who held cyber posts under Trump and Obama, gets Biden White House gig appeared first on CyberScoop.

Continue reading Michael Sulmeyer, who held cyber posts under Trump and Obama, gets Biden White House gig→

Pentagon officials float possible NSA, Cyber Command split

Posted on December 20, 2020 by Shannon Vavra

Officials at the Department of Defense have floated a proposal in recent days that could sever the dual-hatted relationship between the National Security Agency and Cyber Command, according to a U.S. official. The NSA, the Defense Department’s foreign signals intelligence agency, and Cyber Command, the department’s offensive cyber arm, are currently both led by Gen. Paul Nakasone in an arrangement that allows them to share resources and coordinate on priorities, such as protecting U.S. elections against foreign meddling. A proposal to end that arrangement was circulated among Pentagon officials in recent days, according to The Wall Street Journal. DefenseOne first reported the news Saturday. Whether Defense Department officials intend to follow through on the idea remains unclear. Separating Cyber Command from the NSA is something lawmakers, the military and the intelligence community have mulled since the creation of Cyber Command a decade ago. Some, including Gen. Nakasone, have said they […]

The post Pentagon officials float possible NSA, Cyber Command split appeared first on CyberScoop.

Continue reading Pentagon officials float possible NSA, Cyber Command split→

A look inside Congress’ biggest cyber bill ever

Posted on December 7, 2020 by Tim Starks

Congress this week is slated to pass what just might be the most significant cybersecurity legislation ever. This year’s annual defense policy bill, known as the National Defense Authorization Act (NDAA), is loaded with provisions that would reshape the federal bureaucracy on cybersecurity. It would create a national cyber director in the White House and strengthen the Department of Homeland Security’s Cybersecurity and Information Security Agency (CISA), among other changes. “I believe it’s safe to say that this is the most important piece of cybersecurity legislation ever passed” should the final bill advance this week, said Sen. Angus King, I-Maine, who co-chaired the Cyberspace Solarium Commission that produced many of the proposals in the legislation. Mark Montgomery, executive director of the commission, called it “the most substantive” cyber legislation Congress will have passed. Others agree. “I think that’s true, 100%,” said Jonathan Reiber, a former Defense Department cybersecurity official during […]

The post A look inside Congress’ biggest cyber bill ever appeared first on CyberScoop.

Continue reading A look inside Congress’ biggest cyber bill ever→

The EU is making overtures about cybersecurity collaboration under Biden

Posted on December 7, 2020 by Shannon Vavra

European Union members convened a ministerial discussion Monday in an effort to take stock of the 2020 U.S. presidential election and plan how to best jumpstart cooperation with the incoming Biden administration on a whole host of issues, including cybersecurity matters. The agenda was focused on a proposal from the European Commission and the office of the EU High Representative that suggests that the EU and the U.S. increase cybersecurity-related information-sharing and coordinate repercussions for bad actors in cyberspace. The commission and high representative — essentially the EU’s foreign minister — also proposed an increase in cybersecurity capacity-building efforts, discussions about 5G, and a meeting in early 2021 to discuss security and military operations. Europe and the U.S. have a long history of partnering on cybersecurity issues, and in the last year the U.S. and some members of the EU have taken steps meant to increase their ability to jointly […]

The post The EU is making overtures about cybersecurity collaboration under Biden appeared first on CyberScoop.

Continue reading The EU is making overtures about cybersecurity collaboration under Biden→

Congress set to establish White House national cyber director, enact other Solarium Commission recommendations

Posted on December 3, 2020 by Tim Starks

Congress is on the verge of creating a Senate-confirmed national cyber director within the White House who would advise the president on cybersecurity and coordinate the federal government’s related work. And supporters say it would improve on a White House czar position that President Donald Trump controversially eliminated: In addition to Senate confirmation, it would be housed outside of, rather than under, the National Security Council. Multiple sources familiar with negotiations on an annual must-pass defense policy bill say that the final agreement will include the national cyber director position. And it will largely reflect a proposal by the Cyberspace Solarium Commission, which earlier this year put together a comprehensive report that made sweeping recommendations. The Trump White House had opposed the creation of the position. It’s not the only major recommendation from the Solarium Commission that was included in the legislation, either, according to those sources. It would grant the Department of Homeland Security the power to […]

The post Congress set to establish White House national cyber director, enact other Solarium Commission recommendations appeared first on CyberScoop.

Continue reading Congress set to establish White House national cyber director, enact other Solarium Commission recommendations→

TrickBot adds firmware tool that researchers say could lead to ‘bricking’ devices

Posted on December 3, 2020 by Tim Starks

The malicious software known as TrickBot has morphed again, this time with a module that probes booting process firmware for vulnerabilities, possibly setting the stage for attacks that could ultimately destroy devices, researchers say. Two cybersecurity companies, Eclypsium and Advanced Intelligence (Advintel), dubbed the TrickBot add-on module “TrickBoot,” since it targets the UEFI/BIOS firmware. Firmware is permanent code programmed into a hardware device, while UEFI and BIOS are two kinds of specifications that manage a device’s start-up. TrickBoot, then, is s a “significant step in the evolution of TrickBot,” the researchers say, that could make TrickBot especially pesty. “Since firmware is stored on the motherboard as opposed to the system drives, these threats can provide attackers with ongoing persistence even if a system is re-imaged or a hard drive is replaced,” they wrote.”Equally impactful, if firmware is used to brick a device, the recovery scenarios are markedly different (and more difficult) than recovery […]

The post TrickBot adds firmware tool that researchers say could lead to ‘bricking’ devices appeared first on CyberScoop.

Continue reading TrickBot adds firmware tool that researchers say could lead to ‘bricking’ devices→

Why the Biden administration needs a National Cyber Director more than ever

Posted on December 2, 2020 by Jeff Stone

As the Biden-Harris administration thinks about cyber appointments and cyber strategy for the first 100 days of the administration, appointing a National Cyber Director role requiring Senate confirmation is critical. The National Cyber Director will coordinate, support, and deconflict efforts on cyber, technology, and related issues led by executive branch agencies, engage the private sector to build trust and advance shared priorities, and represent the administration at home and abroad on cyber. The administration will face a number of cybersecurity and technology challenges upon entering the White House. Effective mobilization and coordination of the government, and engagement with industry and civil society requires a coordinated strategy led by an empowered National Cyber Director who is responsible for the work. That person also must be able to hold federal agencies accountable. The cybersecurity landscape has only grown more complex since President-Elect Biden left office as vice president. Election security, foreign investment […]

The post Why the Biden administration needs a National Cyber Director more than ever appeared first on CyberScoop.

Continue reading Why the Biden administration needs a National Cyber Director more than ever→

It’s hard to keep a big botnet down: TrickBot sputters back toward full health

Posted on November 30, 2020 by Tim Starks

Mounting evidence suggests that TrickBot, the vast botnet that both U.S. Cyber Command and a Microsoft-led coalition sought to disable around the 2020 elections, is on the mend and evolving. The separate campaigns featured Microsoft going to court to disable IP addresses associated with TrickBot command and control servers, as Cyber Command’s operation also targeted command and control servers. Hints of its rebound began in late October, shortly after signs of success in the bids to dismantle the TrickBot network of zombie computers. While Cyber Command and Microsoft always billed their assaults as a disruption rather than a full takedown, the TrickBot comeback is proof that it’s difficult to kill a botnet outright. Botnets are dangerous because they can be used to conduct a range of harmful activities, like distributed denial of service attacks that overwhelm a site with traffic or ransomware attacks, the latter of which were a major issue of concern for U.S. national security […]

The post It’s hard to keep a big botnet down: TrickBot sputters back toward full health appeared first on CyberScoop.

Continue reading It’s hard to keep a big botnet down: TrickBot sputters back toward full health→

UK formally unveils GCHQ’s offensive cyber-operation shop

Posted on November 20, 2020 by Shannon Vavra

The U.K. has drummed up an offensive cyber-operations unit dedicated to disrupting British adversaries in cyberspace, British Prime Minister Boris Johnson announced Thursday. The unit, known as the National Cyber Force (NCF), is capable of launching targeted campaigns against adversaries, from those that interfere with terrorists’ communications devices and cellphones to those that support British military operations, according to the announcement. The British government has been developing the force for approximately two years. The NCF, which is expected to grow to 3,000 strong in the coming years, consists of personnel from the country’s signals intelligence agency, the Government Communications Headquarters (GCHQ), as well as the Ministry of Defense, the country’s Secret Intelligence Service (MI6) and the Defence Science and Technology Laboratory. The force, which operates alongside GCHQ’s defensive cyber unit — the National Cyber Security Centre — currently only has a couple hundred staff. The announcement coincides with efforts from British […]

The post UK formally unveils GCHQ’s offensive cyber-operation shop appeared first on CyberScoop.

Continue reading UK formally unveils GCHQ’s offensive cyber-operation shop→

How the Pentagon is trolling Russian, Chinese hackers with cartoons

Posted on November 12, 2020 by Shannon Vavra

There’s little that Russian hackers hate more than being seen as soft. So when U.S. military hackers saw a way to publicly portray them as bumbling and unthreatening in recent weeks, they seized the moment. It all began when Cyber Command, the U.S. Department of Defense’s offensive cyber arm, started working with a graphics company to illustrate foreign government hackers. The military realized it could punch up the reports it releases on foreign hacking operations by adding illustrations, and try to embarrass or infuriate the foreign hacking shops along the way, one U.S. official told CyberScoop. In one case, when Cyber Command started making plans to expose some state-sponsored espionage operations tied to Russia’s Federal Security Service (FSB), the country’s KGB successor, they turned to the graphics company to develop images that would goad the Russians, the official said. “Russia hates to be seen as cuddly or cozy so we want to tick them off,” said the official, who was not authorized […]

The post How the Pentagon is trolling Russian, Chinese hackers with cartoons appeared first on CyberScoop.

Continue reading How the Pentagon is trolling Russian, Chinese hackers with cartoons→